[Typo3-dev] sessions an subdomains

Thorsten Kahler thorsten.kahler at dkd.de
Thu Feb 3 21:20:21 CET 2005 

Hi Masi,

I just did a little bit of testing now...

On Thu, 03 Feb 2005 18:58:38 -0500, Martin T. Kutschker  wrote:

> Thorsten Kahler wrote:
>> Hi Masi,
>>  we already came across your problem indeed. And we found an existing   
>> solution to our problem, that may help you too.
>
> Thanx, but does this work with BE sessiosn as well. Editors will log  
> into www.boku.ac.at/typo3 and expect to have an admin panel across th  
> whole site.
>
> Besides I don't see the point in redirecting if the problem can solved  
> by setting the cookie correctly.
>
> Thanx anyway.
> Masi
>

The previously stated solution with "TSFE.jumpUrl_transferSession=1" does  
just work for FE users. There's no chance to "transfer" BE users this way.

This was no problem for us yet as we have two well-defined groups of  
editors: a few real BE users, who just use the BE and a bunch of editors  
who log in into the FE and are served with BE user rights via the  
extension "dkd_feuser_belogin". I don't know if there are any FE editors  
who have editor rights on both portals, at least no one grumbled yet:  
There's indeed the problem that the editors just have to login to the FE  
once, but twice to the BE.

I could imagine another hack using one of the hooks provided by the  
extension "newloginbox" (as "dkd_redirect_at_login" does in the meantime).  
But that's not where your're aiming at.

I agree with you in the point that adjusting the domain the (BE and FE)  
cookies belong to would be a clean and universal solution. I would suggest  
extending the sys_domains table to optionaly set the domain for FE  
cookies. Setting the BE cookie domain in TYPO3_CONF_VARS via localconf.php  
IMHO won't be very nice as it's possible to have dozens of subdomains in  
dozens of domains. You would end up in a configuration mess similar to the  
one caused by RealURL.

Using the entries from sys_domains should be possible too, but I'm not  
familiar with the BE login so I wouldn't bet on it.

Finally: you didn't try a feature request on bugs.typo3.org I found.  
Chances will be better with a feature request I think (as e.g. Robert  
always mentions he would forget bug fixes etc. mentioned on the lists if  
they're not in the bug tracker). Perhaps you can write a patch for the  
that solves the issue, because you did a hack for it already before. That  
would raise the chances also.

Nice regards
Thorsten

More information about the TYPO3-dev mailing list